Live-coding: Policy as code

Who is this presentation for?

Developers, SREs, and security engineers

Level

Intermediate

Description

Organizations have relied on wikis and institutional knowledge to document and enforce important rules that govern how the systems behave, but today, many organizations pursue policy as code for greater control and visibility over the systems. Instead of writing policies in documents or relying on manual checks, organizations leverage policy engines to codify and enforce rules across all of their systems.

The Open Policy Agent (OPA) is an open source general-purpose policy engine hosted by the Cloud Native Computing Foundation. At OPA’s core is a domain-agnostic declarative language that embodies policy as code. By implementing policy as code, you can apply best practices like unit testing, dry runs, and code review to your policies.

Join Torin Sandall to see how powerful declarative languages become with the right tooling as he walks you through a live-coding demonstration of how to apply policy as code across microservices and Kubernetes. You’ll explore the core language features of search, composition, and querying of complex document-oriented data.

Prerequisite knowledge

Experience with authorization, microservices, and Kubernetes (useful but not required)

What you'll learn

Learn about policy as code and how it can be implemented elegantly without thousands of lines of YAML and applied to different use cases like authorization, admission control, and data filtering

Gain fresh ideas about how declarative language can be leveraged to enforce policies across the stack

Torin Sandall

Open Policy Agent Project

Torin Sandall is the cofounder and technical lead of the recent open source Open Policy Agent project. He spent 10 years as a software engineer working on large-scale distributed systems projects. Previously, Torin was a senior software engineer at Cyan (acquired by Ciena), where he designed and developed core components of its SDN/NFV platform. He’s a frequent speaker on policy-related topics in Kubernetes at KubeCon, ContainerDaysPDX, Kubernetes meetups, and more.

Comments on this page are now closed.

Comments

Torin Sandall
| Cofounder, Technical Lead

07/18/2019 8:42am PDT

Material for the talk can be found here: https://github.com/tsandall/oscon-2019